Microsoft has confirmed that two more Windows Defender vulnerabilities are publicly disclosed and being exploited in the wild, and CISA has added both to its Known Exploited Vulnerabilities catalog. A third Defender flaw — an unauthenticated remote code execution bug — ships in the same engine update without an in-the-wild exploitation flag. If you run Windows endpoints with Defender enabled, which is effectively every Windows fleet in existence, this is a live local-privilege-escalation problem you should already be patching.

What happened

The headline flaw is CVE-2026-41091, a local privilege escalation bug rated CVSS 7.8. It lives in the Microsoft Malware Protection Engine — the scanning core shared across Defender, System Center Endpoint Protection, and the long-dead Microsoft Security Essentials. The root cause is the engine improperly resolving links before accessing files: a classic link-following weakness where a low-privileged attacker plants a symlink or junction that the SYSTEM-context scanner follows into a location the attacker controls. Microsoft’s own write-up is blunt about the payoff: “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.” No user interaction required.

Alongside it, CVE-2026-45498 (CVSS 4.0) is a denial-of-service bug in the Microsoft Defender Antimalware Platform — the user-mode binaries and kernel-mode drivers that host the engine. Exploited, it stops Defender from working as it should. On its own a DoS is unglamorous, but as a precursor it is exactly what an intruder wants: blind the EDR, then run the rest of the intrusion unobserved. Microsoft credited researchers for reporting CVE-2026-41091 and credited no one for CVE-2026-45498 — consistent with a flaw spotted only because it was already being used.

Quietly bundled into the same Malware Protection Engine fix is CVE-2026-45584, a remote code execution vulnerability. Microsoft has not flagged it as exploited, but an RCE in the scanning engine — which parses hostile, attacker-supplied files by design — is the most dangerous of the three. Patch it on the same schedule.

Affected versions

The LPE and RCE both affect Microsoft Malware Protection Engine v1.26030.3008, fixed in v1.1.26040.8. The DoS affects the Microsoft Defender Antimalware Platform, fixed in v4.18.26040.7.

Impact

This is the second wave of Defender zero-days in roughly six weeks. In April, a researcher operating as “Nightmare Eclipse” dropped public PoCs for BlueHammer (CVE-2026-33825, patched), RedSun, and UnDefend, and Huntress confirmed all three weaponized in hands-on-keyboard intrusions — coverage we ran here. The same actor later published a PoC for the YellowKey BitLocker bypass. CVE-2026-41091 and CVE-2026-45498 are distinct CVEs, but the pattern is identical: the security product everyone trusts as a control has become a reliable local-escalation primitive. An attacker who lands code as a normal user — through phishing, a malicious dependency, or a web-app foothold — uses Defender itself to reach SYSTEM.

What to do right now

Defender’s engine and platform update automatically by default, and most internet-connected fleets will already have v1.1.26040.8 and v4.18.26040.7. Do not assume — verify. On each host run Get-MpComputerStatus and confirm AMEngineVersion is at or above 1.1.26040.8 and AMProductVersion is at or above 4.18.26040.7. Air-gapped, WSUS-pinned, or update-throttled environments are the real exposure; push the definitions package manually through your management plane or the Microsoft Malware Protection Center.

CISA’s KEV listing sets a hard June 3, 2026 deadline for federal civilian agencies to patch or stop using the product. Treat that as your ceiling, not your target. Until every endpoint reports the fixed versions, hunt for the tell: unexpected Defender service crashes or scan-engine restarts (the DoS signature) and new symlinks or junctions in directories Defender scans under SYSTEM (the LPE signature).
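The version check from the previous section and the two hunt tells above, as one PowerShell script. This is an added example, not code from the article or from Microsoft: it assumes the Defender PowerShell module is present (Get-MpComputerStatus), that it runs elevated, that the event IDs used for the crash tell (Service Control Manager 7034 and Defender Operational 5008) are the right ones for your build, and that the directory list for the symlink tell is a placeholder you replace with the paths your fleet actually scans.

```powershell
# Added example (not from the article): verify Defender fixed versions, then
# hunt for the DoS tell (engine crashes/restarts) and the LPE tell (new
# symlinks/junctions). Run elevated on each host.

# Fixed versions as cited in the article.
$FixedEngine   = [version]'1.1.26040.8'
$FixedPlatform = [version]'4.18.26040.7'

function Test-DefenderPatchLevel {
    # AMEngineVersion = Malware Protection Engine, AMProductVersion = Antimalware Platform
    $s = Get-MpComputerStatus
    $engine   = [version]$s.AMEngineVersion
    $platform = [version]$s.AMProductVersion
    [pscustomobject]@{
        Host            = $env:COMPUTERNAME
        EngineVersion   = $engine
        EngineFixed     = ($engine -ge $FixedEngine)
        PlatformVersion = $platform
        PlatformFixed   = ($platform -ge $FixedPlatform)
        RealTimeOn      = $s.RealTimeProtectionEnabled
    }
}

# Tell 1: unexpected Defender service crashes or engine restarts.
# Event IDs are assumptions to validate against your own logs:
#   System log, SCM 7034  = "service terminated unexpectedly"
#   Defender/Operational 5008 = engine terminated due to an unexpected error
function Find-DefenderCrashEvents {
    param([int]$Days = 7)
    $since = (Get-Date).AddDays(-$Days)
    $scm = Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7034; StartTime = $since } `
               -ErrorAction SilentlyContinue |
           Where-Object { $_.Message -match 'Defender|Antimalware' }
    $def = Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Windows Defender/Operational'
                                           Id = 5008; StartTime = $since } `
               -ErrorAction SilentlyContinue
    @($scm) + @($def) |
        Select-Object TimeCreated, Id, ProviderName,
                      @{ n = 'Message'; e = { ($_.Message -split "`r?`n")[0] } }
}

# Tell 2: recently created symlinks/junctions in directories the scanner
# touches as SYSTEM. $Paths is a placeholder; substitute your scanned paths.
function Find-RecentReparsePoints {
    param(
        [string[]]$Paths = @("$env:SystemDrive\Users", "$env:ProgramData"),
        [int]$Days = 7
    )
    $since = (Get-Date).AddDays(-$Days)
    foreach ($p in $Paths) {
        Get-ChildItem -Path $p -Recurse -Force -Attributes ReparsePoint -ErrorAction SilentlyContinue |
            Where-Object { $_.LinkType -in 'SymbolicLink', 'Junction' -and $_.CreationTime -gt $since } |
            Select-Object FullName, LinkType, Target, CreationTime
    }
}

Test-DefenderPatchLevel  | Format-List
Find-DefenderCrashEvents | Format-Table -AutoSize
Find-RecentReparsePoints | Format-Table -AutoSize
```

Run it through your management plane and collect the first object per host; any host with EngineFixed or PlatformFixed set to False is still exposed, and a non-empty result from either hunt function on such a host is worth an incident ticket rather than a patch ticket.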
